Bringing Systems Engineering and Security Together: A Systems Security Engineering Learning Path

Abstract

This paper promotes a comprehensive, systems-oriented approach to security engineering for complex systems which ensures adequate integration of security engineering considerations throughout the entire system life cycle. First, key definitions and concepts are presented for those unfamiliar with the specialty domain of Systems Security Engineering (SSE). Next, a tailorable SSE curriculum is provided to further promote the institutionalization and standardization of SSE across a wide variety of stakeholders, security specialties, and engineering disciplines. The goal of the curriculum is for students to gain increased understanding of SSE roles, responsibilities, and concepts, as well as, gain familiarity with established SSE processes, activities, and tasks to more purposefully develop secure and resilient systems. Lastly, initial mappings to the National Initiative for Cybersecurity Education (NICE) workforce framework are provided.